Skip to main content

Microsoft Entra ID data that Druva protects

This article provides the list of attributes of each Microsoft Entra ID entity that Druva protects.

Updated over a week ago

Here’s the detailed information on each Microsoft Entra ID entity and its attributes that Druva protects.

Entity

Attributes

Tenant

  • Name

  • Tenant ID

  • Primary domain

  • Workload license

  • Country or region

  • Data location

  • Notification language

  • Technical contact

  • Global privacy contact

  • Privacy statement URL

  • Other tenant information

  • Org attributes

  • Company branding

  • Security defaults

User

  • Display name

  • First name ==> givenName

  • Last name ==> surname

  • User principal name

  • Object ID

  • User type

  • Creation type

  • Created date time

  • Last password change date time

  • External user state

  • External user state change date time

  • Sign in sessions valid from date time

  • Job title

  • Company name

  • Department

  • Employee ID

  • Employee type

  • Employee hire date

  • Office location

  • Manager

  • Street address

  • City

  • State or province

  • ZIP or postal code

  • Country or region

  • Business phone

  • Mobile phone

  • Email

  • Other emails

  • Fax number

  • Mail nickname

  • Age group

  • Consent provided for minor

  • Legal age group classification

  • Account enabled

  • Usage location

  • Preferred data location

  • On-premises immutable ID

  • On-premises security identifier

  • Extended columns

  • Administrative Units

User setting

(User features, external collaboration settings)

  • Users can register applications

  • Restrict non-admin users from creating tenants

  • Users can create security groups

  • Guest user access restrictions

Group

  • Name

  • Object ID

  • Group type

  • Email

  • Created at

  • Members

  • Owners

  • Deleted date-time

  • Description

  • Aliases

  • Storage limit (Except SharePoint Site related)

  • Site address (Except SharePoint Site related)

  • MailEnabled

  • membershipRule

  • membershipRule

  • ProcessingState

  • preferredDataLocation

  • preferredLanguage

  • resourceBehaviorOptions

  • resourceProvisioningOptions

  • securityEnabled

  • securityIdentifier

  • theme

  • visibility

  • isAssignableToRole

  • Administrative Units

Group setting

  • Security groups

  • Microsoft 365 groups

Roles and admins

  • Name

  • Description

  • isBuiltIn

  • isEnabled

  • rolePermissions

  • templateId

  • version

  • visibility

Enterprise applications

  • Name

  • Object ID

  • Application ID

  • Homepage URL

  • Created On

  • Properties - (Terms of Service URL, Privacy Statement URL, Reply URL, Assignment required, Visible to Others) ==> (replyUrls, info, loginUrl, logoutUrl)

  • Owners - (Name, Role assigned) ==> (using /owners endpoint)

  • Users and Groups

  • Certification expiry

Applications

  • Name

  • Application ID

  • Created On

  • Certificates and Secrets

  • Object ID

  • Directory ID

  • Application ID URL

  • Client credentials

  • Redirection URLs

Device (View/Download)

  • Name

  • Enabled

  • OS

  • Version

  • Join Type

  • Owner

  • MDM

  • Compliant

  • Registered

  • Administrative Units

Device setting

  • Users may attach devices with Azure AD

  • Users may register their devices with Azure AD

  • Require multi-factor authentication to register or attach devices with Azure AD

  • Maximum number of devices per user

  • Enable Azure AD LAPS

  • Restrict users from recover BitLocker keys of their owned devices

Administrative Units

  • Properties (such as name, description, membership type)

  • Members (Users, Groups, Devices)

  • Roles and Administrators

Conditional Access Policies

  • Properties (such as Object ID, Template ID, Display Name, State),

  • Assignments (Conditions, Applications, Users, Groups, Roles, Applications, Locations)

  • Access Controls (Grant and Session controls)

Did this answer your question?